Sending IIS (Windows Server) log to CloudWatch without SSM - possible?

Question

Hello,

* chatGPT states that you don't need to use any SSM features when installing and configuring CloudWatch agent on Windows machine to send IIS log.
* *  But another videos on Youtube recommend using except cloudwatch role, also some ssm role for EC2 instance and SSM agent/features to reach the goal.
* **  One video even points on necessity of having enabled 'Endpoint ssm'  feature (in VPC)  to make the final configuration working.

What is the correct answer?

Can I do it as a beginner without all those SSM-related stuff?

Thanks a lot

Answer

All that’s required is the cloud watch agent installing and configuring on the instance and with connectivity to the logs public or private endpoint.

And

A role with permissions to write to cloud watch log groups will be required too.

SSM isn’t required but may be used to configure and or install the agent in an automated way.

Answer

hey,

install the CloudWatch agent in your server and configure it to push the logs.

Make sure to create and attach an IAM instance profile i.e., an IAM role to the server which should have permissions to send logs to CloudWatch.

Following document will help you to setup the CloudWatch agent and required policies [https://repost.aws/knowledge-center/cloudwatch-push-metrics-unified-agent](https://repost.aws/knowledge-center/cloudwatch-push-metrics-unified-agent)

Sending IIS (Windows Server) log to CloudWatch without SSM - possible?

Relevant content